github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-20 13:23:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

(implementing suggestion #94)

Browse source 
hf mf mifare: gracefully exit if tag isn't vulnerable to this attack
hf mf nested: dito
This commit is contained in:
pwpiwi 2015-06-24 07:48:36 +02:00
commit dc8ba239fb
4 changed files with 83 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

38
client/mifarehost.c
View file

@ -69,7 +69,7 @@ void* nested_worker_thread(void *arg)
int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t * resultKey, bool calibrate)
{
uint16_t i, len;
uint16_t i;
uint32_t uid;
UsbCommand resp;
@ -77,31 +77,29 @@ int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
struct Crypto1State *p1, *p2, *p3, *p4;
// flush queue
WaitForResponseTimeout(CMD_ACK,NULL,100);
WaitForResponseTimeout(CMD_ACK, NULL, 100);
UsbCommand c = {CMD_MIFARE_NESTED, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, calibrate}};
memcpy(c.d.asBytes, key, 6);
SendCommand(&c);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
len = resp.arg[1];
if (len == 2) {
memcpy(&uid, resp.d.asBytes, 4);
PrintAndLog("uid:%08x len=%d trgbl=%d trgkey=%x", uid, len, (uint16_t)resp.arg[2] & 0xff, (uint16_t)resp.arg[2] >> 8);
for (i = 0; i < 2; i++) {
statelists[i].blockNo = resp.arg[2] & 0xff;
statelists[i].keyType = (resp.arg[2] >> 8) & 0xff;
statelists[i].uid = uid;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
return -1;
}
memcpy(&statelists[i].nt, (void *)(resp.d.asBytes + 4 + i * 8 + 0), 4);
memcpy(&statelists[i].ks1, (void *)(resp.d.asBytes + 4 + i * 8 + 4), 4);
}
}
else {
PrintAndLog("Got 0 keys from proxmark.");
return 1;
}
if (resp.arg[0]) {
return resp.arg[0]; // error during nested
}
memcpy(&uid, resp.d.asBytes, 4);
PrintAndLog("uid:%08x trgbl=%d trgkey=%x", uid, (uint16_t)resp.arg[2] & 0xff, (uint16_t)resp.arg[2] >> 8);
for (i = 0; i < 2; i++) {
statelists[i].blockNo = resp.arg[2] & 0xff;
statelists[i].keyType = (resp.arg[2] >> 8) & 0xff;
statelists[i].uid = uid;
memcpy(&statelists[i].nt, (void *)(resp.d.asBytes + 4 + i * 8 + 0), 4);
memcpy(&statelists[i].ks1, (void *)(resp.d.asBytes + 4 + i * 8 + 4), 4);
}
// calc keys